Poster Abstract: Towards Scalable and Trustworthy Decentralized Collaborative Intrusion Detection System for IoT

An Intrusion Detection System (IDS) aims to alert users of incoming attacks by deploying a detector that monitors network traffic continuously. As an effort to increase detection capabilities, a set of independent IDS detectors typically work collaboratively to build intelligence of holistic network representation, which is referred to as Collaborative Intrusion Detection System (CIDS). However, developing an effective CIDS, particularly for the IoT ecosystem raises several challenges. Recent trends and advances in blockchain technology, which provides assurance in distributed trust and secure immutable storage, may contribute towards the design of effective CIDS. In this poster abstract, we present our ongoing work on a decentralized CIDS for IoT, which is based on blockchain technology. We propose an architecture that provides accountable trust establishment, which promotes incentives and penalties, and scalable intrusion information storage by exchanging bloom filters. We are currently implementing a proof-of-concept of our modular architecture in a local test-bed and evaluate its effectiveness in detecting common attacks in IoT networks and the associated overhead.